github_app_access_token: add support for private key fact (#8989)

* github_app_access_token: add support for private key fact Adds support for specifying the GitHub App private key via an ansible fact instead of a path to a file. This is useful when you want to generate registration tokens for a remote host but don't want to put secrets on the host. * Add license file * Fix pep8 formatting * Add changelog fragment * Run sanity tests on changelog * Apply suggestions from code review Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> Co-authored-by: Felix Fontein <felix@fontein.de> * Add input validation check * Add import * Apply suggestions from code review Co-authored-by: Felix Fontein <felix@fontein.de> * Add error for mutually exclusive options * Update plugins/lookup/github_app_access_token.py Co-authored-by: Felix Fontein <felix@fontein.de> --------- Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> Co-authored-by: Felix Fontein <felix@fontein.de>
2025-07-24 05:40:23 -07:00 · 2024-10-21 19:53:18 +01:00 · 2024-10-21 19:53:18 +01:00 · 5b3b7a1fb1
commit 5b3b7a1fb1
parent 9fb686fe35
7 changed files with 106 additions and 6 deletions
--- a/tests/unit/plugins/lookup/test_github_app_access_token.py
+++ b/tests/unit/plugins/lookup/test_github_app_access_token.py
@ -32,7 +32,7 @@ class MockResponse(MagicMock):

 class TestLookupModule(unittest.TestCase):

-    def test_get_token(self):
+    def test_get_token_with_file(self):
        with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
                            open=mock_open(read_data="foo_bar"),
                            open_url=MagicMock(return_value=MockResponse()),
@ -50,3 +50,21 @@ class TestLookupModule(unittest.TestCase):
                    token_expiry=600
                )
            )
+
+    def test_get_token_with_fact(self):
+        with patch.multiple("ansible_collections.community.general.plugins.lookup.github_app_access_token",
+                            open_url=MagicMock(return_value=MockResponse()),
+                            jwk_from_pem=MagicMock(return_value='private_key'),
+                            jwt_instance=MockJWT(),
+                            HAS_JWT=True):
+            lookup = lookup_loader.get('community.general.github_app_access_token')
+            self.assertListEqual(
+                [MockResponse.response_token],
+                lookup.run(
+                    [],
+                    app_id="app_id",
+                    installation_id="installation_id",
+                    private_key="foo_bar",
+                    token_expiry=600
+                )
+            )